Skip to content
#

pentest

Star

Here are 253 public repositories matching this topic...

Language: Python
Filter by language
All 253 Python 253 Shell 63 Go 29 C 25 PowerShell 17 PHP 15 HTML 14 Java 14 JavaScript 14 Ruby 11
Sort: Best match
Sort options
Best match Most stars Fewest stars Most forks Fewest forks Recently updated Least recently updated

al0ne / Vxscan

Star

python3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。

python tools cdn detection waf fingerprint python3 identification scan-tool pentest portscan port-scanning security-tools directory-scanning poc-scanning website-fingerprint fingerprint-recognition-error
  • Updated Jan 2, 2020
  • Python

christophetd / CloudFlair

Sponsor Star
Open

Test candidate origin servers on two ports HTTP & HTTPS

1
ELHARAKA
ELHARAKA commented Jan 29, 2020

I have been using this tool for awhile and i noticed 50% of the results are false positive. for i,e after cloudflair dump a list of ip addresses for the site origin server it can't detect which one is working so i after i take those ip addresses i test them manually on the both ports 443 & 80 some they work on 443 port and some they only work at 80 port.

Thank you so much for this amazing tool

Read more
enhancement good first issue

TryCatchHCF / Cloakify

Star

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

security cryptography privacy cipher hacking steganography infosec pentesting pentest hacking-tool exfiltration red-team dlp data-exfiltration security-tools av-evasion pentest-tool stego hacking-tools pentest-tools
  • Updated Nov 24, 2020
  • Python

sevagas / macro_pack

Star

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

obfuscation macros vba pentest meterpreter msoffice social-engineering redteam
  • Updated Oct 30, 2020
  • Python

anouarbensaad / vulnx

Star

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

python bot crawler hacking vulnerability pentest exploitation vulnerability-detection hacking-tool vulnerability-assessment information-gathering security-tools cms-detector cloudflare-detection shell-injection vulnerability-exploit website-vulnerability-scanner wp-scanner auto-exploiter vulnx
  • Updated Jun 12, 2020
  • Python

TryCatchHCF / DumpsterFire

Star

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

security automation hacking infosec pentesting pentest hacking-tool red-team security-tools pentest-tool blue-team hacking-tools red-teams blue-teams pentest-tools
  • Updated May 27, 2020
  • Python

k8gege / K8CScan

Star

K8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动

mysql security exploit ftp scanner ipc smb oracle hacking password subdomain wmi poc mssql pentest crack portscan cobalt-strike getshell netscan
  • Updated Dec 25, 2019
  • Python

GoSecure / pyrdp

Star
Open

Session Hijacking - Keep session alive on client disconnect

1
alxbl
alxbl commented Aug 6, 2020

Currently, if an intercepted client disconnects while their session is hijacked, PyRDP will ignore the request for disconnect until the RDP client times out, after which point both connections (client - pyrdp and pyrdp - server) are disconnected. Dropping the hijacked session in the process.

It would be nice and not too complicated to disconnect the client smoothly while keeping the hijacked se

Read more
enhancement good first issue hacktoberfest

Improve this page

Add a description, image, and links to the pentest topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the pentest topic, visit your repo's landing page and select "manage topics."

Learn more

You can’t perform that action at this time.